Security Breach Update
10 September 2020

Reduce their risk of a cybersecurity disaster today.Cyberattack risks and data breach costs are on the rise in 2020

There’s no doubt that 2020 has been an expensive year for businesses in every way – and 2021 is just around the corner. What can you expect to need to consider in your 2021 cybersecurity budget? How about a few cost-effective upgrades, since both cyberattack risks and data breach costs are climbing (especially for government entities and healthcare providers), with no end in sight.

Reviewing the annual Ponemon Institute “Cost of a Data Breach” report, one figure sticks out: 70% of respondents expect remote working could increase the cost (and danger) of a data breach.

We’re finding that this is the case. From this week’s hacking attack on an employee’s home WiFi network that led to the theft of $7.5 million to intrusions enabled by IoT gadgets or parents and children sharing networks and devices at home, data breaches will rise from the sheer increase in opportunity afforded to cybercriminals by a remote workforce.

In today’s world, remote working isn’t going anywhere, especially as the COVID-19 pandemic continues to cause worldwide disruptions. But there are a few actions that businesses can take to reduce their risk of a cybersecurity disaster in these circumstances.

First and foremost, adopt a secure identity and access management solution like DUO that offers solid protection against unauthorized access to systems and data with essential security features like multifactor authentication, easy remote management, and single sign on for every user.

It pays review your cybersecurity stack before you have an incident to ensure that it’s got all of the right tools to create a strong digital risk protection platform to guard your company from potential risk when supporting a remote workforce.

Recent Breaches

United States – Warner Music – Entertainment Company

Exploit: Malware (Magecart)

Risk to Small Business: Severe: In a just disclosed breach, Magecart skimming was in action at Warner Music from April 25 and August 5. Warner Music said hackers compromised “a number of US-based e-commerce sites” that were “hosted and supported by an external service provider.” The details that the cybercriminals checked out with include names, email addresses, telephone numbers, billing addresses, shipping addresses, and payment card details (card number, CVC/CVV and expiration date) for account holders and guests who placed items into shopping carts or made purchases in that timeframe.

Risk to Exploited Individuals: Severe:  The company did not specify in its filing exactly which parts of its retail operations were impacted. Warner Music is offering free credit monitoring through Kroll for victims.

Customers Impacted:  Unknown

Australia – Service New South Wales – Government Entity

Exploit: Ransomware

Risk to Small Business: Severe:  Australian government agency Service New South Wales (NSW) confirmed that a recent attack resulted in the personal details of 186,000 customers being compromised. Hackers were able to gain access to 47 staff email accounts, giving them a pass into a huge amount of information. 738GB of data comprised of 3.8 million documents was stolen from the email accounts in April 2020.

Risk to Exploited Individuals: Moderate:  Service New South Wales says that the stolen data is made up of internal documents such as handwritten notes and forms, scans, and records of transaction applications. There was no evidence that individual MyServiceNSW account data or Service NSW databases were compromised during the cyber-attack.

Customers Impacted:   186,000

Ensure you’re protecting your data and systems from common sources of credential compromise and data loss by implementing a solid cybersecurity plan.

Why put your business at risk, talk to a TCT team member today.

Robert Brown
10/09/2020

Follow us on LinkedIn:

Related Articles:
Growing Dark Web data dumps are fuelling new Cybercrime
The World Has Changed. So Has the Dark Web.

Written by